White House Not Pleased with New CISPA Bill

President Obama, who threatened to veto the 2012 version of the Cyber Intelligence and Sharing Protection Act, isn't too thrilled with the 2013 edition of CISPA that cleared a House panel earlier this week.

White House spokeswoman Caitlin Hayden said amendments added in a markup session on April 10 to the bill - which fosters the sharing of cyber-threat information between the federal government and critical infrastructure owners - didn't go far enough to strengthen civil liberties and privacy protections.

"We believe the adopted committee amendments reflect a good-faith effort to incorporate some of the administration's important substantive concerns, but we do not believe these changes have addressed some outstanding fundamental priorities," Hayden said in a statement.

But Hayden's statement stops short of a veto threat, and suggests that a version more in line with White House concerns could be achieved with the bill's sponsors, Reps. Mike Rogers, R-Mich., and C.A. "Dutch" Ruppersberger, D-Md., of the House Select Permanent Committee on Intelligence.

"The administration seeks to build upon the productive dialogue with Chairman Rogers and Ranking Member Ruppersberger over the last several months, and the administration looks forward to continuing to work with them to ensure that any cybersecurity legislation reflects these principles," Hayden said.

The lawmakers have had discussions on CISPA with White House officials, including National Security Adviser Tom Donilon, who promised the bill's sponsors the administration would cooperate in finalizing the legislation [see Is Compromise in Offing for CISPA?].

No Veto Threat, Yet

In the veto threat issued last April 25, the White House said the measure failed to provide authorities with a way to ensure that the nation's core critical infrastructure is protected and repeals important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality and civil liberties safeguards [see Obama Threatens to Veto Cybersecurity Bill]. The administration usually waits until a bill is scheduled for a floor debate before issuing a statement on administration policy on whether the president would issue a veto. A vote on CISPA could come as early as next week.

Those concerns over privacy and civil liberties were raised at the markup session earlier this week by Rep. Jan Schakowsky, D-Ill., who along with Rep. Adam Schiff, D-Calif., were the only committee members to vote against the bill. The committee rejects three amendments offered by Schakowsky, which she contends would have strengthened privacy and civil liberties protections [see CISPA Clears House Intelligence Panel].

One amendment approved by the committee would restrict the private sector's use of any cybersecurity information received to cybersecurity purposes only. Another amendment would add responsibilities to the federal Privacy and Civil Liberties Board and individual agency privacy officers to provide additional oversight of the government's use of information received from the private sector under the bill.

Ruppersberger said he believes those added protections met the earlier, stated objections to the legislation. "We have always said this was a collaborative process with privacy groups, the business community and the White House," Ruppersberger said. "The adoption of a host of amendments in markup [Wednesday] supported by these groups shows a true commitment to making our bill better and improving privacy and civil liberties protections."

Should the bill pass the House as amended, changes to make it more amenable to the White House could be made in the Senate, which failed to consider CISPA last year.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.